CVE-2023-2002

Updated: 2023-08-19 20:26:11.904817

Description:

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 6.8

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2023-06-09 05:04:57
CentOS 7 ELS kernel 3.10.0 6.8 MEDIUM Ignored 2023-09-19 05:07:23
CentOS 8.4 ELS kernel 4.18.0 6.8 MEDIUM Ignored 2023-06-09 05:04:57
CentOS 8.5 ELS kernel 4.18.0 6.8 MEDIUM Ignored 2023-06-09 05:04:57
CloudLinux 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2023-06-09 05:04:57
Oracle Linux 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2023-06-09 05:04:57
Ubuntu 16.04 ELS linux-hwe 4.15.0 6.8 MEDIUM Released CLSA-2023:1695144235 2023-09-19 14:09:40
Ubuntu 16.04 ELS linux 4.4.0 6.8 MEDIUM Ignored 2023-06-09 05:04:57
Ubuntu 18.04 ELS linux 4.15.0 6.8 MEDIUM Released CLSA-2023:1695041084 2023-09-18 09:30:27